Senior IT Auditor

Our client is a prominent digital financial institution focused on supporting entrepreneurs and micro-businesses across Nigeria. With an established branch presence and a growing digital platform offering innovative solutions, the organisation continues to leverage technology to enhance financial inclusion.

As part of its ongoing digital growth and commitment to maintaining a secure technology environment, our client is looking to engage a skilled and experienced Senior IT Auditor to join its Internal Audit team in Lagos.

Key Responsibilities

1. IT Audit Planning and Execution

• Support the development and execution of the annual, risk-based IT audit plan.
• Collaborate and liaise with the Group Central IT Audit team to align local audit work programs with Group methodologies and global security standards.
• Conduct comprehensive IT audits covering core banking systems, financial applications, digital channels, cybersecurity, cloud environments, databases, and IT operations.
• Perform technical audits of key platforms, Core Banking system, Sage X3, digital banking applications, POS/card platforms, and payment gateways.
• Evaluate IT General Controls (ITGCs) including user access management, change management, backup/recovery, incident management, and vendor management.
• Assess IT application controls, including maker-checker integrity, input validation, system configuration, interface controls, and exception monitoring.

2. Cybersecurity, Data Privacy & Regulatory Compliance

• Assess the adequacy of cybersecurity controls, vulnerability management programs, threat monitoring, and information security governance.
• Verify compliance with applicable regulations, including CBN technology and cybersecurity guidelines, NDPA/NDPC data protection requirements, and internal information security frameworks.
• Review IT disaster recovery plans, business continuity plans (BCP), system logs, privileged access controls, and password management protocols.
• Provide robust assurance reviews over digital transformation initiatives, fintech partnerships, and third-party vendor integrations.

3. Reporting, Follow-Up & Advisory

• Prepare clear, risk-focused audit findings structured around criteria, condition, cause, impact, and recommendation.
• Collaborate with IT and business process owners to agree on practical, SMART (Specific, Measurable, Achievable, Relevant, Time-bound) management action plans.
• Track, validate, and report on the implementation of internal IT audit recommendations, external audit findings, and regulatory directives.
• Escalate high-risk, recurring, or overdue IT control weaknesses directly to the Chief Internal Audit Officer and the Group IT Audit Director.
• Provide proactive, independent control insights on upcoming IT projects and system migrations without assuming management responsibility.

Education & Professional Certifications:

• Education: Bachelor’s degree
• Professional Certifications: Active certification (or advanced progress toward completion) is highly preferred:
  • CISA (Certified Information Systems Auditor) – Strongly preferred
  • CRISC (Certified in Risk and Information Systems Control)
  • CEH (Certified Ethical Hacker)  and,
  • Other recognized IT Audit certifications.

Experience Required:

• Minimum of 5–7 years of relevant experience in IT audit, information security, technology risk, or systems control.